IT Security Engineer (Networking Security)
St Louis, MO
- Responsible for maintaining confidentiality, integrity, and availability of information, applications, infrastructure, and cloud environments.
- Responsible for the implementation of security controls across networking devices, databases, operating systems, hardware and software components according to best practices and expert recommendations.
- Responsible for management of systems that support information security including virus detection systems, endpoint detection and response, data loss prevention, network anomaly detection, cloud access security brokers, security information event management, and other security systems.
- Assists in planning, deployment, administration and maintenance of various security applications and tools to secure the organizational assets.
- Participates in evaluation of security products and/or procedures to enhance productivity and effectiveness.
- Perform network and security systems administration to include providing role-based system access, integrating new data log sources and modifying configuration settings and policies.
- Monitors security systems for indications of malicious activity and escalates suspected or identified security incidents to the Head of Information Security.
- Conduct security awareness training and simulated phishing exercises, monitor their results, and provide progress reports on ongoing and previous campaigns.
- Respond to alerts and dashboards, set up monitoring criteria, troubleshoot warnings, and partner with IT support teams on outages to resolve alerts, including on-call support.
- Schedule and report on critical system vulnerabilities utilizing Nessus or Rapid7 tools and collaborate to remediate vulnerabilities across devices and systems.
- Collaborates with IT Management and external vendors to facilitate security audits and address exceptions.
- Gather and provide appropriate security metrics to senior management using available security tools and services
- 5+ years of experience in information security operations and administration
- Understanding of security logging, audit logging, and event logging.
- Understanding of and ability to perform and interpret vulnerability assessments.
- Experience in conducting, participating in, and evaluating security testing activities e.g., security assessments, audits, and penetration testing.
- Experience with network and system security administration, including system security configuration and account management best practices and cyber security toolsets.
- Experience supporting operational security activities e.g., firewall implementation, risk mitigation, host security, encryption, intrusion detection, Virtual Private Network (VPN) implementations, and virus detection.
- Experience in planning and/or reviewing security lockdown and/or hardening of servers (Windows, UNIX, etc.) and network devices
- Knowledge of industry standard best practices with regards to security
- Working knowledge of Microsoft Active Directory, Microsoft Windows Operating Systems and Microsoft Exchange, Microsoft Azure, Office 365
Preferred Skills and Certifications
- CISSP: Certified Information Systems Security Professional
- Security+
- Firewall Technologies (Cisco Meraki, Palo Alto, Check Point)
- Endpoint Security (CrowdStrike, Symantec, Carbon Black, Bitdefender)
- Analytics (Splunk, LogRhythm)
- Vulnerability Management (Tenable, Qualys, Rapid7)
- Cloud Security (Azure, GCP, AWS)
- Identity Management (CyberArk, Okta, Office 365)
- Experience working with various event logging systems is preferred; must be proficient in reviewing and analyzing security event logs. Previous experience with Security Information and Event Management (SIEM) platforms, such as Splunk and LogRhythm, that perform log collection, analysis, correlation, and alerting.
$100,000.00 - $120,000.00 /year